Probe: Likely hack of US banking regulator by China covered up

WASHINGTON, July 13 (Reuters) - The Chinese government likely hacked computers at the Federal Deposit Insurance Corporation in 2010, 2011 and 2013 and employees at the U.S. banking regulator covered up the intrusions, according to a congressional report on Wednesday.

The report cited an internal FDIC investigation as identifying Beijing as the likely perpetrator of the attacks, which the probe said were covered up to protect the job of FDIC Chairman Martin Gruenberg, who was nominated for his post in 2011.

"The committee's interim report sheds light on the FDIC's lax cyber security efforts," said Lamar Smith, a Republican representative from Texas who chairs the House of Representatives Committee on Science, Space and Technology. "The FDIC's intent to evade congressional oversight is a serious offense."

The report was released amid growing concern about the vulnerability of the international banking system to hackers and the latest example of how deeply Washington believes Beijing has penetrated U.S. government computers.

China's embassy in Washington did not comment on the allegations and the report did not provide specific evidence Beijing was behind the hack. Shane Shook, a cyber security expert who has helped investigate some of the breaches uncovered to date, said he did not see convincing evidence in the report that the Chinese government was behind the FDIC hack.

"As with all government agencies, there are management issues stemming from leadership ignorance of technology oversight," Shook said.

The FDIC, a major U.S. banking regulator which keeps confidential data on America's biggest banks, declined to comment. Gruenberg is scheduled to testify on Thursday before the committee on the regulator's cyber security practices.

Washington has accused China of hacking computers at a range of federal agencies in recent years, including the theft of more than 21 million background check records from the federal Office of Personnel Management beginning in 2014.

WATCHDOG MEMO

The compromise of the FDIC computers by a foreign government had been previously reported in May and some lawmakers had mentioned China as a possible suspect, but the report on Wednesday for the first time cited a 2013 memo by the FDIC's inspector general, an internal watchdog, as pointing toward China.

"Even the former Chairwoman's computer had been hacked by a foreign government, likely the Chinese," the congressional report said, referring to Gruenberg's predecessor, Sheila Bair, who headed the FDIC from 2006 until 2011 when Gruenberg took over as acting chairman.

Bair could not be immediately reached for comment.

A redacted copy of the 2013 FDIC inspector general's memo seen by Reuters said investigators were unable to determine exactly which files had been extracted from agency computers.

But a source familiar with the FDIC's internal investigation said the areas of the regulator's network that were hacked suggested the intruders were seeking "economic intelligence."

In all, hackers compromised 12 FDIC workstations, including those of other executives such as the regulator's former chief of staff and former general counsel, and 10 servers, the congressional report said.

It accused the FDIC of trying to cover up the hacks so as not to endanger the congressional approval of Gruenberg, who was nominated by President Barack Obama and confirmed by the U.S. Senate in November 2012.

A witness interviewed by congressional staff said the FDIC's current head of its technology division, Russ Pittman, instructed employees not to disclose information about the foreign government's hack, the report said.

The witness said the hush order was to "avoid effecting the outcome of Chairman Gruenberg's confirmation," according to the report. Pittman could not immediately be contacted for comment.

The report also provided details of data breaches in which FDIC employees leaving the regulator took sensitive documents with them. It said current FDIC officials have purposely concealed information about breaches that had been requested by Congress.

U.S. intelligence officials believe Beijing has decreased its hacking activity since signing a pledge with Washington last September to refrain from breaking into computer systems for the purposes of commercial espionage.

At the same time, Obama has acknowledged difficulties in keeping government information secure. In addition, Republican opponents have said that Democratic presidential candidate Hillary Clinton's use of a private email server when she was secretary of state could have exposed classified information to foreign governments.

RELATED: The C.I.A. and hacking

24PHOTOS

The NSA, Edward Snowden and the CIA

See Gallery

The NSA, Edward Snowden and the CIA

A man is silhouetted near logos of the U.S. National Security Agency (NSA) and Wikipedia in this photo illustration taken in Sarajevo March 11, 2015. REUTERS/Dado Ruvic/File Photo

An undated aerial handout photo shows the National Security Agency (NSA) headquarters building in Fort Meade, Maryland. NSA/Handout via REUTERS THIS IMAGE HAS BEEN SUPPLIED BY A THIRD PARTY. IT IS DISTRIBUTED, EXACTLY AS RECEIVED BY REUTERS, AS A SERVICE TO CLIENTS. FOR EDITORIAL USE ONLY. NOT FOR SALE FOR MARKETING OR ADVERTISING CAMPAIGNS

U.S. President Barack Obama speaks following a meeting with his National Security Council at CIA Headquarters in Langley, Virginia April 13, 2016. REUTERS/Kevin Lamarque

FILE - In this file image made from video released by WikiLeaks on Friday, Oct. 11, 2013, former National Security Agency systems analyst Edward Snowden speaks during a presentation ceremony for the Sam Adams Award in Moscow, Russia. Snowden was awarded the Sam Adams Award, according to videos released by the organization WikiLeaks. The award ceremony was attended by three previous recipients. (AP Photo, File)

WASHINGTON, DC - APRIL 02: Detail of the cufflinks of former Deputy CIA Director Michael Morell as he testifies before the House Select Intelligence Committee April 2, 2014 in Washington, DC. The committee heard testimony on the topic of 'The Benghazi Talking Points and Michael J. Morell's Role in Shaping the Administration's Narrative.' (Photo by Win McNamee/Getty Images)

WASHINGTON, DC - APRIL 02: Former Deputy CIA Director Michael Morell is sworn in prior to testimony before the House Select Intelligence Committee April 2, 2014 in Washington, DC. The committee heard testimony on the topic of 'The Benghazi Talking Points and Michael J. Morell's Role in Shaping the Administration's Narrative.' (Photo by Win McNamee/Getty Images)

A picture taken on February 25, 2015 shows the logo of Gemalto in Paris. European SIM maker Gemalto said it had suffered hacking attacks that may have been conducted by US and British intelligence agencies but denied any 'massive theft' of encryption keys that could be used to spy on conversations. AFP PHOTO KENZO TRIBOUILLARD (Photo credit should read KENZO TRIBOUILLARD/AFP/Getty Images)

Visitors gather in the Gemalto NV pavilion at the Mobile World Congress in Barcelona, Spain, on Wednesday, Feb. 27, 2013. The Mobile World Congress, where 1,500 exhibitors converge to discuss the future of wireless communication, is a global showcase for the mobile technology industry and runs from Feb. 25 through Feb. 28. Photographer: Simon Dawson/Bloomberg via Getty Images

Gemalto CEO Olivier Piou (C) arrives for a press conference on February 25, 2015 in Paris. European SIM maker Gemalto said it had suffered hacking attacks that may have been conducted by US and British intelligence agencies but denied any 'massive theft' of encryption keys that could be used to spy on conversations. AFP PHOTO KENZO TRIBOUILLARD (Photo credit should read KENZO TRIBOUILLARD/AFP/Getty Images)

Gemalto CEO Olivier Piou (C) gives a press conference on February 25, 2015 in Paris. European SIM maker Gemalto said it had suffered hacking attacks that may have been conducted by US and British intelligence agencies but denied any 'massive theft' of encryption keys that could be used to spy on conversations. AFP PHOTO KENZO TRIBOUILLARD (Photo credit should read KENZO TRIBOUILLARD/AFP/Getty Images)

Gemalto CEO Olivier Piou shows a cell phone sim card before a press conference on February 25, 2015 in Paris. European SIM maker Gemalto said it had suffered hacking attacks that may have been conducted by US and British intelligence agencies but denied any 'massive theft' of encryption keys that could be used to spy on conversations. AFP PHOTO KENZO TRIBOUILLARD (Photo credit should read KENZO TRIBOUILLARD/AFP/Getty Images)

BERLIN, GERMANY - JANUARY 29: Symbolic photo for data protection, reflection of the seal of the National Security Agency in a computer hard drive on January 29, 2015 in Berlin, Germany. (Photo by Thomas Trutschel/Photothek via Getty Images)

Michael Rogers, director of the U.S. National Security Agency (NSA), speaks during an interview in New York, U.S., on Thursday, Jan. 8, 2015. The hacking attack on Sony Pictures Entertainment is prompting U.S. officials to rethink when the government should help private companies defend against and deter digital assaults, Rogers said. Photographer: Victor J. Blue/Bloomberg via Getty Images

Visitors chat near a reception desk at the Gemalto NV promotional stand on the opening day of the Mobile World Congress in Barcelona, Spain, on Monday, Feb. 27, 2012. The Mobile World Congress, operated by the GSMA, expects 60,000 visitors and 1400 companies to attend the four-day technology industry event which runs Feb. 27 through March 1. Photographer: Chris Ratcliffe/Bloomberg via Getty Images

NSA leaker Edward Snowden appears on a live video feed broadcast from Moscow at an event sponsored by the ACLU Hawaii in Honolulu on Saturday, Feb. 14, 2015. (AP Photo/Marco Garcia)

An employee displays a Gemalto NV M2M quad sim card at the Mobile World Congress in Barcelona, Spain, on Wednesday, Feb. 27, 2013. The Mobile World Congress, where 1,500 exhibitors converge to discuss the future of wireless communication, is a global showcase for the mobile technology industry and runs from Feb. 25 through Feb. 28. Photographer: Simon Dawson/Bloomberg via Getty Images

GERMANY, BONN - DECEMBER 12:Â Symbol photo of a computer hard drive with the logo of the National Security Agency (NSA), on December 12, 2014 in Bonn, Germany. (Photo by Ulrich Baumgarten via Getty Images)

WASHINGTON, DC - NOVEMBER 20: Adm. Michael Rogers, commander of the U.S. Cyber Command and director of the National Security Agency, testifies during a hearing before the House (Select) Intelligence Committee November 20, 2014 on Capitol Hill in Washington, DC. The committee held a hearing on 'Cybersecurity Threats: The Way Forward.' (Photo by Alex Wong/Getty Images)

A photographer takes picture of U.S. President Barack Obama and Edward Snowden held by pro-democractic legislator Gary Fan Kwok-wai during a news conference in Hong Kong Friday, June 14, 2013. Two lawmakers in Hong Kong said on Friday that they had written to U.S. President Obama to try to persuade him not to bring charges against the former US intelligence contractor Snowden. Snowden revealed last weekend he was the source of a major leak of top-secret information on NSA surveillance, saying he was uncovering wrongdoing. He spoke to reporters from an undisclosed location in the semiautonomous Chinese territory of Hong Kong. (AP Photo/Kin Cheung)